How to run a Docker instance (without a cert) behind a load balancer with a cert

We are working to migrate from a load balancer (no cert) which has multiple EC2 Docker instances (with certs) to a load balancer (with cert) with multiple EC2 instances (no cert). We have been able to get the site to launch, but we utilize ONELOGIN, and because the EC2 instance is listening on 80 (we do a port redirect from the load balancer from 443:80), the solution is erroring. ONELOGIN will not allow an HTTP instance within the configuration for a redirect URI. The goal is to minimize the number of certs on all the EC2 instances and have certs live at the load balancer level (instead of installing Let's Encrypt as we have today).

Is there a way to redirect requests out from the EC2 through the load balancer to address this problem, or will we continue to have certs exist on the EC2 instances due to the multiple integrations with third-party solutions?
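
An added example, not part of the original post: with TLS terminated at the load balancer, the backend sees plain HTTP on port 80 and builds an `http://` redirect URI unless it reads the `X-Forwarded-Proto` header that HTTP(S) load balancers such as AWS Elastic Load Balancing add, and it should honor that header only when the direct peer is the load balancer. Assumptions: the application is a Python WSGI app, and the subnet, host name and `/callback` path are constructed placeholders.

```python
import ipaddress

# Assumption: subnets the load balancer nodes live in (constructed value).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]


def external_scheme(environ, trusted=TRUSTED_PROXIES):
    """Return the scheme the client used to reach the load balancer.

    X-Forwarded-Proto is honored only when the TCP peer is a trusted
    proxy; from any other peer the header is client-controlled.
    """
    scheme = environ.get("wsgi.url_scheme", "http")
    try:
        peer = ipaddress.ip_address(environ.get("REMOTE_ADDR", ""))
    except ValueError:
        return scheme
    if not any(peer in net for net in trusted):
        return scheme
    proto = environ.get("HTTP_X_FORWARDED_PROTO", "").strip().lower()
    return proto if proto in ("http", "https") else scheme


def redirect_uri(environ, path="/callback"):
    """Build the redirect URI sent to the identity provider.

    The path is a hypothetical callback route.
    """
    host = environ.get("HTTP_HOST", "localhost")
    return f"{external_scheme(environ)}://{host}{path}"


class ForwardedProtoMiddleware:
    """WSGI wrapper so the wrapped app sees the external scheme."""

    def __init__(self, app, trusted=TRUSTED_PROXIES):
        self.app, self.trusted = app, trusted

    def __call__(self, environ, start_response):
        environ["wsgi.url_scheme"] = external_scheme(environ, self.trusted)
        return self.app(environ, start_response)


if __name__ == "__main__":
    # Constructed request environment: arrived via the load balancer on port 80.
    via_lb = {"REMOTE_ADDR": "10.0.0.17", "HTTP_HOST": "app.example.com",
              "HTTP_X_FORWARDED_PROTO": "https", "wsgi.url_scheme": "http"}
    print(redirect_uri(via_lb))
```

Restricting the instances' security group so port 80 accepts traffic only from the load balancer keeps direct requests, and any header they carry, away from the application.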